package com.java.web.servlet;

import java.io.IOException;
import java.net.URLEncoder;
import java.util.Date;
import java.util.List;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import com.java.web.entity.User;
import com.java.web.session.SessionManagement;

public class LoginServlet extends HttpServlet{

	@Override
	protected void doGet(HttpServletRequest req, HttpServletResponse resp)
			throws ServletException, IOException {
		// TODO Auto-generated method stub
		super.doGet(req, resp);
	}

	@Override
	protected void doPost(HttpServletRequest req, HttpServletResponse resp)
			throws ServletException, IOException {
		//HttpSession session=SessionManagement.createNewSession(req);
		HttpSession session=req.getSession(true);
		resp.setCharacterEncoding("utf-8");
		String username=req.getParameter("username");
		String password=req.getParameter("password");
		String timeStamp=req.getParameter("timeStamp");
		String random=req.getParameter("random");
		String jsessionid=req.getParameter("jsessionid");
		User user=new User();
		user.setUsername(username);
		user.setPassword(password);
		if(!"admin".equals(username) &&!"user".equals(username) && !"123456".equals(password)){
			String msg=URLEncoder.encode("用户名或密码错误！","UTF-8");
			resp.sendRedirect("session/login.jsp?msg="+msg);
			return;
		}
		if(!random.equals(session.getAttribute("random"))){
			String msg=URLEncoder.encode("验证码错误！","UTF-8");
			resp.sendRedirect("session/login.jsp?msg="+msg);
			return;
		}
		//将同名用户挤下去
		List<HttpSession> sessionList=SessionManagement.getSessin(req, username);
		if(sessionList.size()>1){
			SessionManagement.removeSession(sessionList.get(0));
			return;
		}
		SessionManagement.addSession(session);
		SessionManagement.addUser(req, user);
		if(session==null){
			req.setAttribute("msg", "登陆过期，请重新登陆！");
			req.getRequestDispatcher("session/login.jsp").forward(req, resp);
			return;
		}
//		String tokenStr=session.getId()+timeStamp;
//		if(!session.isNew()){
//			String tokenStrSession=(String)session.getAttribute("tokenStr");
//			if(!tokenStr.equals(tokenStrSession)){
//				req.setAttribute("msg", "不能重复刷新，请重新登陆！");
//				req.getRequestDispatcher("session/login.jsp").forward(req, resp);
//				return;
//			}
//		}else{
//			session.setAttribute("tokenStr", tokenStr);
//		}
		System.out.println("session信息："+"sessionId="+session.getId()+",\nsession创建时间="+new Date(session.getCreationTime())+",\nsession最后访问时间="+new Date(session.getLastAccessedTime())+",\nsession过期时间="+session.getMaxInactiveInterval()+",\nsession是否是新的="+session.isNew());
		session.setAttribute("username", username);
		System.out.println("当前登录用户信息："+"username="+username+",password="+password);
		
		req.getRequestDispatcher("session/index.jsp").forward(req, resp);
	
	}

}
